我正在通过 python 对 azure 进行身份验证以列出我的所有虚拟机,但出现此错误
I am authenticating to azure through python to list down all my virtual machines and I am getting this error
当我尝试通过 python
列出我在 Azure 上的所有虚拟机时出现此错误
Code: AuthorizationFailed
Message: The client "XXXX" with object id "XXXX" does not have authorization to perform action 'Microsoft.Compute/virtualMachines/read' over scope '/subscriptions/XXXXX or the scope is invalid. If access was recently granted, please refresh your credentials.
我的代码如下:
from azure.mgmt.compute import ComputeManagementClient
from azure.identity import ClientSecretCredential
Subscription_Id = "XXXX"
Tenant_Id = "XXXXX"
Client_Id = "XXXXX"
Secret = "XXXXX"
credential = ClientSecretCredential(
client_id=Client_Id,
client_secret=Secret,
tenant_id=Tenant_Id
)
compute_client = ComputeManagementClient(credential, Subscription_Id)
vm_list = compute_client.virtual_machines.list_all()
pageobject1 = vm_list.by_page(continuation_token=None)
for page in pageobject1:
for j in page:
print(j)
当您尝试将 virtualmachinecontributor 等特定角色分配给您的服务主体时,您需要传递 service principal/appregistration name 而不是传递您的应用注册 applicationId/objectId ,如下所示。
- Post 提供对
service principal/appregistration 所需的访问权限,您将能够提取订阅中的虚拟机列表。我们已经在我们的本地环境中检查了上述 python,它也工作正常。
这里是示例输出截图以供参考:
使用资源管理客户端拉取 VM 列表的更新答案:
from azure.mgmt.resource import ResourceManagementClient
from azure.identity import ClientSecretCredential
Subscription_Id = "<subId>"
Tenant_Id = "<tenantid>"
Client_Id = "<appId>"
Secret = "<clientSecret>"
credential = ClientSecretCredential(
client_id=Client_Id,
client_secret=Secret,
tenant_id=Tenant_Id
)
resource_client=ResourceManagementClient(credential=credential,subscription_id=Subscription_Id)
resource_list=resource_client.resources.list()
for item in resource_list:
if(item.type == 'Microsoft.Compute/virtualMachines'):
print(item)
当我尝试通过 python
列出我在 Azure 上的所有虚拟机时出现此错误Code: AuthorizationFailed
Message: The client "XXXX" with object id "XXXX" does not have authorization to perform action 'Microsoft.Compute/virtualMachines/read' over scope '/subscriptions/XXXXX or the scope is invalid. If access was recently granted, please refresh your credentials.
我的代码如下:
from azure.mgmt.compute import ComputeManagementClient
from azure.identity import ClientSecretCredential
Subscription_Id = "XXXX"
Tenant_Id = "XXXXX"
Client_Id = "XXXXX"
Secret = "XXXXX"
credential = ClientSecretCredential(
client_id=Client_Id,
client_secret=Secret,
tenant_id=Tenant_Id
)
compute_client = ComputeManagementClient(credential, Subscription_Id)
vm_list = compute_client.virtual_machines.list_all()
pageobject1 = vm_list.by_page(continuation_token=None)
for page in pageobject1:
for j in page:
print(j)
当您尝试将 virtualmachinecontributor 等特定角色分配给您的服务主体时,您需要传递 service principal/appregistration name 而不是传递您的应用注册 applicationId/objectId ,如下所示。
- Post 提供对
service principal/appregistration所需的访问权限,您将能够提取订阅中的虚拟机列表。我们已经在我们的本地环境中检查了上述 python,它也工作正常。
这里是示例输出截图以供参考:
使用资源管理客户端拉取 VM 列表的更新答案:
from azure.mgmt.resource import ResourceManagementClient
from azure.identity import ClientSecretCredential
Subscription_Id = "<subId>"
Tenant_Id = "<tenantid>"
Client_Id = "<appId>"
Secret = "<clientSecret>"
credential = ClientSecretCredential(
client_id=Client_Id,
client_secret=Secret,
tenant_id=Tenant_Id
)
resource_client=ResourceManagementClient(credential=credential,subscription_id=Subscription_Id)
resource_list=resource_client.resources.list()
for item in resource_list:
if(item.type == 'Microsoft.Compute/virtualMachines'):
print(item)